Digital signatures can be seen as the counterpart to handwritten signatures. The digital signature appended by a sender to an electronic document can be used to establish the sender's identity and the authenticity of the transmitted document. The legally binding nature of the digital signature is a key topic for public administration, for companies and, increasingly, for private individuals.
The principle of the digital signature is known. It is based on an asymmetric method in which each user is assigned two different keys: a private key and a public key. The public key is generally accessible. The prerequisite is that each pair of keys is unique. With the private key, which is usually on a chipcard, the digital signature is generated by the sender. The recipient of a document signed with a digital signature can separate the signature from the document using an appropriate software program and can decode the hash with the aid of the sender's public key, thereby verifying the authenticity of the document and the identity of the sender. This method can be used between natural persons and between hardware devices.
Methods of generating digital signatures are known. For example, signature devices are used which apply cryptographic methods such as the familiar RSA (Rivest-Shamir-Adleman cryptographic algorithm) public key method. In this method, a document extract value (hash) generated by a hashing method such as MD5 (Message Digest #5) or SHA-1 (Secure Hash Algorithm) is encrypted (signed) with the private key of the sender and appended to the document as a digital signature prior to dispatch.
In cryptographic methods it is necessary that the length of the digital signature matches the length of the key used, e.g. 512, 758 or 1024 bits. Since the size of the hash is only around 20 bytes, the unused area of the signature is filled out with filler characters (pads). Consequently, in a digital signature for example 108 bytes of these pads are stored and transported uselessly when a 1024-bit RSA key and the SHA-1 hashing algorithm are used.
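The sign-and-verify flow and the padding described above, as an added illustration that is not part of the original text. It assumes a throwaway 1024-bit RSA key generated on the spot and a simplified block layout (framing bytes, filler, then the SHA-1 hash); the function names are hypothetical.

```python
import hashlib, hmac, math, secrets

def is_probable_prime(n, rounds=24):
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):  # Miller-Rabin rounds with random bases
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    while True:  # top two bits set so that p*q has exactly 2*bits bits
        c = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if is_probable_prime(c):
            return c

def keygen(bits=1024, e=65537):
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return p * q, e, pow(e, -1, phi)  # (n, public e, private d)

def encode(doc, k):
    """Simplified block (assumption): 00 01 | FF filler | 00 | SHA-1 hash."""
    h = hashlib.sha1(doc).digest()
    return b"\x00\x01" + b"\xff" * (k - len(h) - 3) + b"\x00" + h

def sign(doc, n, d):
    k = (n.bit_length() + 7) // 8  # signature is as long as the modulus
    return pow(int.from_bytes(encode(doc, k), "big"), d, n).to_bytes(k, "big")

def verify(doc, sig, n, e):
    k, s = (n.bit_length() + 7) // 8, int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    return hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), encode(doc, k))
```

The verifier rebuilds the expected block from the received document and compares all 128 bytes, so a change to either the document or the signature is rejected.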
In the known methods there is no unique allocation of the digital signature to a specific signature device. Thus it would be possible, for example, with the aid of a fake or stolen key and a signature device, to append a fake signature to a document. The legitimate owner of the key used has little or no chance of proving that such an unauthorized signature was indeed made without his or her knowledge.
It would also be possible for a manipulated or stolen signature device of the key holder to be used, together with a third-party program (virus), to sign documents without the knowledge of the key holder. This may also occur with no intervention from outside, for example as a result of faulty software or interfaces. Here, too, the key holder has little chance of proving the illegitimacy of the signatures generated.
It is therefore the object of the present invention to provide a digital signature whose use enhances the legally binding nature of a digital signature.